Introduction: 

How to let a user, for e.g."user1" have exec permissions on only one job and when he logs in into WCC he should be able to force-start/start ONLY the particular job?

Environment:  

CA WAAE 11.3.*

CA EEM 12.*

Instructions: 

Follow below steps to accomplish the above task:

1.    1. Create a global user in EEM e.g. user1
2. Login to EEM selecting Workload Automation AE as the application.
3. Navigate to as_job policy under "manage access policies"
4. In the default access policy which grants permission to all the views, create a filter for your user so that he will be excluded from everybody else from accessing. The filter can be as follows:

WHERE global user: gu:UserName != value: val:user1

5. Then create a new as_job policy to enforce the read and execute permissions on your user under "identity access control". Please refer the screenshot attached for this.

<Please see attached file for image>

6. Click save.
7. Login to WCC and check if this is working.